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DETAILED ACTION 

1 . This communication is in response to Application No. 10/510,449 filed on 5 April 
2005. The preliminary amendment, which provides a replacement abstract as well as 
change to claims 4, 6, 9, 10, 13, 16, 18, and 19, is hereby acknowledged. Claims 1-19 
have been examined. 



Drawings 

2. The drawings are objected to as failing to comply with 37 CFR 1 .84(p)(5) 
because they include the following reference characters) not mentioned in the 
description: 72 and 74^ Corrected drawing sheets in compliance with 37 CFR 1.121(d), 
or amendment to the specification to add the reference character(s) in the description 
(Examiner suggested amendment location: Applicant submitted specification, pg 12, 
lines 25-35) in compliance with 37 CFR 1.121(b) are required in reply to the Office 
action to avoid abandonment of the application. Any amended replacement drawing 
sheet should include all of the figures appearing on the immediate prior version of the 
sheet, even if only one figure is being amended. Each drawing sheet submitted after the 
filing date of an application must be labeled in the top margin as either "Replacement 
Sheet" or "New Sheet" pursuant to 37 CFR 1.121(d). If the examiner does not accept 
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the changes, the applicant will be notified and informed of any required corrective action 
in the next Office action. The objection to the drawings will not be held in abeyance. 

Specification 

3. The disclosure is objected to because of the following informalities: uncommon 
grammar or incorrect spelling. Today, in the English language, the word "data" is 
generally used as a singular mass entity noun, synonymous with "information." Very 
rarely is the word "data" still used to refer to "pieces of information." The examiner 
recommends changing all instances in the application where data is used as a plural 
noun (First instance: page 1, line 30; Last instance: page 16, line 11; Eight instances in 
total) to the more generally accepted singular mass entity noun. The word 
"appliquettes" (Applicant submitted specification: Page 22, line 3) is not a word in the 
English language nor accepted in the art, and the examiner requests this be changed to 
"applets." 

Appropriate correction is required. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 
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(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

5. Claims 1 -1 0, 1 3-1 6, and 1 9 are rejected under 35 U.S.C. 1 02(b) as being 
anticipated by Levergood et al (US 5,708,780). 

Regarding claim 1, Levergood teaches a data exchange system (Levergood: Figure 1) 
over a data transfer network (Levergood: Figure 1 , item 1 0) between a receiver station 
(Levergood: Figure 3, item 50) and a data server with conditional access (Levergood: 
Figure 3, item 52), in which the data exchanges over the network are managed and 
authorized by a control server (Levergood: Figure 3, item 54), characterized in that said 
control server is associated with: 

automatic means forming (authentication server) catalog (database) of usable 
access instruments (user profile) accessible by a user of said receiver station for the 
selection, by this user, of one of these access instruments; (Levergood: col 6, lines 58- 
65 specify examining the account database, which is full of user profiles that are 
potentially accessible by a user) 

automatic means for determining corresponding parameters (authentication 
server creating SIDs) for control of the data exchanges (pages) over said network; 
(Levergood: col 6, lines 65-66 specify the generation of a SID which controls data 
exchange; col 3, lines 33-37 specify the parameters in a SID) 
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automatic means of data exchange control (authentication server using SIDs) 
over this network according to the parameters thus determined. (Levergood: col 7, lines 
15-20 specify initiating, and thus controlling, the transfer based off the SID) 

Regarding claim 2, Levergood teaches the system characterized in that said means 
forming a catalog of usable access instruments comprises: 

storage means (database) comprising a predetermined list of access instruments 
(user profiles) authorized for access to said conditional access data (controlled pages); 
(Levergood: Figure 3, item 58; Levergood: col 7, lines 62-67 specifies that the account 
database is authenticated against) 

data acquisition means relating to the constitution and operation of the system 
and of the elements composing it; (Levergood: col 6, lines 58-65 specifies the other 
information stored that relates to the system and clients, such as IP addresses, which 
implies it is acquired at some point) 

means of establishment of the catalog of usable access instruments (user 
profiles) from at least said list of authorized instruments (valid user profiles) and of said 
acquired data (IP address) relating to the system. (Levergood: col 6, lines 58-65 specify 
that user profiles and other information such as IP addresses are stored in the account 
database) 

Regarding claim 3, Levergood teaches the system characterized in that said acquisition 
means of analysis of the receiver station, suitable for delivering: 
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data relating to the nature of the receiver station or data relating to the exchange 
capabilities of the receiver station. (Levergood: col 6, lines 58-65 specify that user IP 
addresses are stored, implying they are delivered at some point) 

Regarding claim 4, Levergood teaches the system characterized in that said acquisition 
means comprise means of connection between the receiver station and the network, 
suitable for delivering: 

data relating to the means of connection between the receiver station and the 
network or data relating to the time of the exchanges. (Levergood: col 6, lines 58-65 
specify that the user IP addresses are stored, which inherently relate to the connection 
of the client; Levergood: col 3, lines 33-37 specify the SID contains time expiration data 
and lines 44-47 specify that SID information is logged, implying that time information is 
delivered and then stored) 

Regarding claim 5, Levergood teaches the system characterized in that said control 
server is associated with means of remote interrogation of said connection means to 
obtain said data. (Levergood: col 3, lines 29-32 specify that the client is interrogated 
and then an SID is issued, which contains IP address information) 

Regarding claim 6, Levergood teaches the system characterized in that said means of 
determining the exchange control parameters (authentication server) are connected to 
means of storing data concerning conditions of access (content server) to said data with 
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conditional access and to means of storing (account database) exchange authorization 
data (user profile information) associated with the selected access instrument (user 
profile) to establish said exchange control parameters. (Levergood: Figure 3; item 54 is 
connected to both item 52 and item 58) 

Regarding claim 7, Levergood teaches the system characterized in that said means of 
determination of the exchange control parameters (authentication server) are also 
connected to means of supervision (URLS, redirections, and requests) of operation of 
the receiver station (client), (Levergood: Figure 3, item 54 connected to item 50) in order 
to receive, from said means, data relating to the state of activity or to the operation of 
said receiver station. (Levergood: col 6, lines 58-60 specify that the client sends a GET 
request, thereby indicating the client is notifying the authentication server that he is in a 
GET state and trying to obtain validation) 

Regarding claim 8, Levergood teaches the system characterized in that said means of 
supervision are formed by software means (URLs) initially stored in the system and 
transmitted to said receiver station on which they reside throughout the data exchanges. 
(Levergood: col 7, line 51 - col 8, line 13 specifies the authentication server sending a 
tagged URL redirection to the client, where the client then utilizes the URL to request 
the content from the content server using his browser. The URL would be maintained in 
the client browser throughout the transfer of the page.) 
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Regarding claim 9, Levergood teaches the system characterized in that said exchange 
authorization data associated with the selected access instrument correspond to one of 
the elements in the group consisting of: 

temporal credit data, monetary credit data, fixed charge credit data, data volume 
credit data, and of billing data. (Levergood: col 8, line 59 - col 9, line 6 specify that the 
client can prepay or enter payment information to subscribe for access and that an 
authorization indicator is embedded in the SID, prepayment implies that the 
authorization indicator is also kept in the account database and associated to user 
profiles) 

Regarding claim 10, Levergood teaches the system characterized in that it comprises a 
user management server (authentication server) comprising at least one database 
(account database) containing said exchange authorization data (user profile verification 
information, such as passwords or authorization indicators) associated with the access 
instruments. (Levergood: col 6, lines 60-65 specify that the account database contains 
user profiles that contain passwords) 

Regarding claim 13, Levergood teaches the system characterized in that it comprises 
means of determining a user identifier (password or IP address) associated with said 
access instruments in order to allow the identification by said user management server 
of a corresponding user account. (Levergood: col 6, lines 58-65 specify that the IP 
address or a password could be used to determine the user profile) 



Application/Control Number: 10/510,449 



Art Unit: 41 17 



Page 9 



Regarding claim 14, Levergood teaches the system characterized in that said means of 
determining a user identifier are automatic means of identification of the receiver 
station. (Levergood: col 6, lines 36-44 specify that for varying levels of authentication 
can occur, some without prompting the user; col 6, lines 60-65 specify the user profile 
identification can occur using an IP address, implying it is automatic) 

Regarding claim 15, Levergood teaches the system characterized in that said means of 
determining a user identifier are means of manually inputting an identifier. (Levergood: 
col 6, lines 44-50 specify a higher-level authentication that prompts for a username and 
password; col 6, lines 60-65 specify the user profile identification can occur using 
password, implying it is manual) 

Regarding claim 16, Levergood teaches the system characterized in that it comprises 
means of debiting said exchange authorization data, associated with said used access 
instrument, in order to debit the data according to the data exchanges. (Levergood: col 
8, lines 67 - col 9, lines 6 specify the system can bill and charge users per document 
viewing and indicate it in the user information such as the SID) 

Regarding claim 19, Levergood teaches the system characterized in that said data 
exchange control means (authentication server) are interrogated periodically by said 
receiver station (client) in order to transmit to it or not an authorization for access (SID) 
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to the data of said data server. (Levergood: col 6, lines 36-57 specify that the client is 
redirected from the content server to the authentication server every time it tries to 
access restricted content) 



Claim Rejections - 35 USC § 103 

6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 11, 12, and 18 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Levergood et al (US 5,708,780), and further in view of Riley et al (US 
2002/001 0800 A1). 

Regarding claim 11, Levergood teaches the system characterized in that said user 
management server is a server that provides user management capabilities. 
(Levergood: col 6, lines 60-65 specify that the account database contains user profiles) 

Levergood does not teach wherein the server provides access to said data 
transfer network connecting said receiver station to said network. 

Riley, in a similar field of endeavor, teaches a server (network access system) 
that provides access to said data transfer network connecting said receiver station (host 
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computer) to said network. (Riley: Figure 2 depicts the NAC is between the PC and the 
internet; Figure 1 in combination with Figure 3 depict the NAC provides access to both 
an un-trusted network and a private trusted network; See also [0052-0053]) 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to utilize the teachings of Riley for managing the data connection 
between the receiver station and the network. The teachings of Riley, when 
implemented in the Levergood system, would allow for more secure access regulation 
between the receiver station and a potentially un-trusted network, or vice versa, 
between a potentially un-trusted receiver station and a private, trusted network. One of 
ordinary skill in the art would be motivated to utilize the teachings of Riley in the 
Levergood system in order to prevent "information leaking out" or "information leaking 
in" (Riley: [0006]). 

Regarding claim 12, the Levergood/Riley system teaches a system characterized in that 
said user management server (Levergood: authentication server) is a server controlling 
the physical means of connection of the receiver station (Riley: Host computer CPU) to 
the data transfer network (Riley: private network). (Riley: Figure 4 depicts there is 
physical separation between the un-trusted network and the host CPU) 

Regarding claim 18, the Levergood/Riley system teaches a system characterized in that 
said data exchange control means (Levergood's authentication server as Riley's NAC) 
are suitable for being interposed between said data server (Levergood's content server 
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on Riley's private network) and said receiver station (Riley's host PC) in order directly to 
control all the data exchanges between them. (Riley: [0030] specifies that the NAC 
restricts access from the host PC to certain devices/resources on the private network) 



8. Claim 17 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Levergood et al (US 5,708,780), and further in view of Adam et al (US 2002/0181710 
A1). 

Regarding claim 17, Levergood teaches the system characterized in that said debiting 
means are accessible by said control server (authentication server) and the user 
management server (authentication server). (Levergood: col 8, line 67 - col 9, line 6) 

Levergood does not teach wherein the debiting means comprise a debiting 
server connected to a telephone type network and wherein said debiting server is 
accessible through a programmable call controller. 

Adam, in a similar field of endeavor, teaches wherein said debiting means 
comprise a debiting server (Adam: Figure 4, item 3 depict an administration server; 
Adam: abstract specifies it is for debiting) connected to another network of the 
telephone type (Adam: Figure 4, item 4) and accessible through a programmable call 
controller (Adam: abstract specifies a communication unit used by the point-of-sale 
(POS) merchant in order to initiate communication about the user to the administration 
server) 
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It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to utilize the teachings of Adam for using a mobile phone 
administration server to debit user bank accounts. The teachings of Adam, when 
implemented in the Levergood system, would allow the authentication server to act as a 
POS merchant server and automatically debit accounts via a GSM network and 
administration server. One of ordinary skill in the art would be motivated to utilize the 
teachings of Adam in the Levergood system in order to "centralize the administration of 
merchant and customer accounts" (Adam: [0010]). 



Conclusion 

9. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

a. Bigham et al (US 5,740,075) discloses an access subnetwork controller 
for pay-per-view TV networks. 

b. Brown et al (US 6,658,415 B1) discloses a system for managing user 
access to content with a remote database. 

c. Charas (US 2002/0056002 A1 ) discloses a method and apparatus for 
authenticating both users and payment for accessing a roaming 
telecommunications network. 

d. Drosset et al (US 6,662,231 B1 ) discloses a system and method for 
restricting user access to audio content over a network. 
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e. Dutta et al (US 2003/0097444 A1 ) discloses a method and apparatus for 
authorizing online transactions via a telecommunications network. 

f. Gullotta et al (US 2002/01 56904 A1 ) discloses a system and method for 
users accessing network resources based on multiple factors such as 
organizational permissions, authorizations, third party account or billing 
information, etc. 

g. Henaff et al (US 2004/0049587 A1 ) discloses a method for controlling 
access to Internet websites. 

h. Norris (US 6,71 8,328 B1 ) discloses a system and method for controlling 
access to network resources using tokens. 

i. Schmeidler et al (US 6,374,402 B1 ) discloses a method and apparatus for 
installing an application on a client computer in order to access content via a 
content and access server. 

j. White et al (US 6,199,144 B1 ) discloses a method for using a smart card 
initiate an authorized user session. 

k. Willens (US 5,889,958) discloses a system and process for controlling 
network access. 

I. Winkler (US 2003/00701 00 A1 ) discloses a system and apparatus that 
authenticates users based off of a multi-factor access instrument that includes a 
biometric scanner, pin pad, a card reader, and GPS locator, 
m. Woodhill (US 2002/0004831 A1 ) discloses a system and method for using 
a telecommunications network to authorize online transactions. 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jeffrey Nickerson whose telephone number is 571-270- 
3631. The examiner can normally be reached on M-Th, 8:30-6:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Beatriz Prieto can be reached on 571-272-3902. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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